Newer
Older
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
// ----------------------------------------------------------------------------------------------------------------
//* Get record details
public function dns_srv_get($session_id, $primary_id)
{
global $app;
if(!$this->checkPerm($session_id, 'dns_srv_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('remoting_lib');
$app->remoting_lib->loadFormDef('../dns/form/dns_srv.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
//* Add a record
public function dns_srv_add($session_id, $client_id, $params)
{
if(!$this->checkPerm($session_id, 'dns_srv_add')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
return $this->insertQuery('../dns/form/dns_srv.tform.php',$client_id,$params);
}
//* Update a record
public function dns_srv_update($session_id, $client_id, $primary_id, $params)
{
if(!$this->checkPerm($session_id, 'dns_srv_update')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->updateQuery('../dns/form/dns_srv.tform.php',$client_id,$primary_id,$params);
return $affected_rows;
}
//* Delete a record
public function dns_srv_delete($session_id, $primary_id)
{
if(!$this->checkPerm($session_id, 'dns_srv_delete')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_srv.tform.php',$primary_id);
return $affected_rows;
}
// ----------------------------------------------------------------------------------------------------------------
//* Get record details
public function dns_txt_get($session_id, $primary_id)
{
global $app;
if(!$this->checkPerm($session_id, 'dns_txt_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('remoting_lib');
$app->remoting_lib->loadFormDef('../dns/form/dns_txt.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
//* Add a record
public function dns_txt_add($session_id, $client_id, $params)
{
if(!$this->checkPerm($session_id, 'dns_txt_add')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
return $this->insertQuery('../dns/form/dns_txt.tform.php',$client_id,$params);
}
//* Update a record
public function dns_txt_update($session_id, $client_id, $primary_id, $params)
{
if(!$this->checkPerm($session_id, 'dns_txt_update')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->updateQuery('../dns/form/dns_txt.tform.php',$client_id,$primary_id,$params);
return $affected_rows;
}
//* Delete a record
public function dns_txt_delete($session_id, $primary_id)
{
if(!$this->checkPerm($session_id, 'dns_txt_delete')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_txt.tform.php',$primary_id);
return $affected_rows;
}
//** private functions -----------------------------------------------------------------------------------
private function klientadd($formdef_file, $reseller_id, $params)
{
global $app, $tform, $remoting_lib;
$app->uses('remoting_lib');
//* Load the form definition
$app->remoting_lib->loadFormDef($formdef_file);
//* load the user profile of the client
$app->remoting_lib->loadUserProfile($reseller_id);
//* load the client template
if(isset($params['template_master']) and $params['template_master'] > 0)
{
$template=$app->db->queryOneRecord("SELECT * FROM client_template WHERE template_id=".intval($params['template_master']));
$params=array_merge($params,$template);
}
//* Get the SQL query
$sql = $app->remoting_lib->getSQL($params,'INSERT',0);
if($app->remoting_lib->errorMessage != '') {
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
$app->db->query($sql);
$app->plugin->raiseEvent('client:client:on_after_insert',$this);
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
if($app->db->errorMessage != '') {
$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
return false;
}
$insert_id = $app->db->insertID();
//$app->uses('tform');
//* Save changes to Datalog
if($app->remoting_lib->formDef["db_history"] == 'yes') {
$new_rec = $app->remoting_lib->getDataRecord($insert_id);
$app->remoting_lib->datalogSave('INSERT',$primary_id,array(),$new_rec);
$app->remoting_lib->ispconfig_sysuser_add($params,$insert_id);
if($reseller_id) {
$client_group = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ".$insert_id);
$reseller_user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = ".$reseller_id);
$app->auth->add_group_to_user($reseller_user['userid'], $client_group['groupid']);
$app->db->query("UPDATE client SET parent_client_id = ".$reseller_id." WHERE client_id = ".$insert_id);
}
}
return $insert_id;
}
private function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
{
global $app, $tform, $remoting_lib;
$app->uses('remoting_lib');
//* load the user profile of the client
$app->remoting_lib->loadUserProfile($client_id);
//* Load the form definition
$app->remoting_lib->loadFormDef($formdef_file);
//* Get the SQL query
$sql = $app->remoting_lib->getSQL($params,'INSERT',0);
if($app->remoting_lib->errorMessage != '') {
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
$app->db->query($sql);
if($app->db->errorMessage != '') {
$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
return false;
}
$insert_id = $app->db->insertID();
// set a few values for compatibility with tform actions, mostly used by plugins
$this->id = $insert_id;
$this->dataRecord = $params;
if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
//$app->uses('tform');
//* Save changes to Datalog
if($app->remoting_lib->formDef["db_history"] == 'yes') {
$new_rec = $app->remoting_lib->getDataRecord($insert_id);
$app->remoting_lib->datalogSave('INSERT',$primary_id,array(),$new_rec);
}
return $insert_id;
}
private function updateQuery($formdef_file, $client_id, $primary_id, $params, $event_identifier = '')
{
global $app;
$app->uses('remoting_lib');
//* load the user profile of the client
$app->remoting_lib->loadUserProfile($client_id);
//* Load the form definition
$app->remoting_lib->loadFormDef($formdef_file);
//* Get the SQL query
$sql = $app->remoting_lib->getSQL($params,'UPDATE',$primary_id);
if($app->remoting_lib->errorMessage != '') {
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
$old_rec = $app->remoting_lib->getDataRecord($primary_id);
// set a few values for compatibility with tform actions, mostly used by plugins
$this->oldDataRecord = $old_rec;
$this->id = $primary_id;
$this->dataRecord = $params;
$app->db->query($sql);
if($app->db->errorMessage != '') {
$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
return false;
}
$affected_rows = $app->db->affectedRows();
if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
//* Save changes to Datalog
if($app->remoting_lib->formDef["db_history"] == 'yes') {
$new_rec = $app->remoting_lib->getDataRecord($primary_id);
$app->remoting_lib->datalogSave('UPDATE',$primary_id,$old_rec,$new_rec);
}
return $affected_rows;
}
private function deleteQuery($formdef_file, $primary_id)
{
global $app;
$app->uses('remoting_lib');
//* load the user profile of the client
$app->remoting_lib->loadUserProfile(0);
//* Load the form definition
$app->remoting_lib->loadFormDef($formdef_file);
$old_rec = $app->remoting_lib->getDataRecord($primary_id);
// set a few values for compatibility with tform actions, mostly used by plugins
$this->oldDataRecord = $old_rec;
$this->id = $primary_id;
$this->dataRecord = $params;
//* Get the SQL query
$sql = $app->remoting_lib->getDeleteSQL($primary_id);
$app->db->query($sql);
if($app->db->errorMessage != '') {
$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
return false;
}
$affected_rows = $app->db->affectedRows();
//* Save changes to Datalog
if($app->remoting_lib->formDef["db_history"] == 'yes') {
$app->remoting_lib->datalogSave('DELETE',$primary_id,$old_rec,array());
}
return $affected_rows;
}
private function checkPerm($session_id, $function_name)
{
$dobre=array();
$session = $this->getSession($session_id);
if(!$session){
return false;
}
$dobre= str_replace(';',',',$session['remote_functions']);
return in_array($function_name, explode(',', $dobre) );
}
private function getSession($session_id)
{
global $app;
if(empty($session_id)) {
$this->server->fault('session_id_empty','The SessionID is empty.');
return false;
}
$session_id = $app->db->quote($session_id);
$now = time();
$sql = "SELECT * FROM remote_session WHERE remote_session = '$session_id' AND tstamp >= $now";
$session = $app->db->queryOneRecord($sql);
if($session['remote_userid'] > 0) {
return $session;
} else {
$this->server->fault('session_does_not_exist','The Session is expired or does not exist.');
return false;
}
}
//---
/**
* Gets sites by $sys_userid & $sys_groupid
* @param int session id
* @param int user id
* @param array list of groups
* @return mixed array with sites by user
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function client_get_sites_by_user($session_id, $sys_userid, $sys_groupid) {
global $app;
if(!$this->checkPerm($session_id, 'client_get_sites_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$sys_userid = intval($sys_userid);
$sys_groupid = explode(',', $sys_groupid);
$new_group = array();
foreach($sys_groupid as $group_id) {
$new_group[] = intval( $group_id);
}
$group_list = implode(',', $new_group);
$sql ="SELECT domain, domain_id, document_root, active FROM web_domain WHERE ( (sys_userid = $sys_userid AND sys_perm_user LIKE '%r%') OR (sys_groupid IN ($group_list) AND sys_perm_group LIKE '%r%') OR sys_perm_other LIKE '%r%') AND type = 'vhost'";
$result = $app->db->queryAllRecords($sql);
if(isset($result)) {
return $result;
} else {
$this->server->fault('no_client_found', 'There is no site for this user');
return false;
}
}
/**
* Change domains status
* @param int session id
* @param int site id
* @param string active or inactive string
* @return mixed false if error
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function sites_web_domain_set_status($session_id, $primary_id, $status) {
global $app;
if(!$this->checkPerm($session_id, 'sites_web_domain_set_status')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if(in_array($status, array('active', 'inactive'))) {
if ($status == 'active') {
$status = 'y';
} else {
$status = 'n';
}
$sql = "UPDATE web_domain SET active = '$status' WHERE domain_id = ".intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
} else {
$this->server->fault('status_undefined', 'The status is not available');
return false;
}
}
/**
* Get sys_user information by username
* @param int session id
* @param string user's name
* @return mixed false if error
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function client_get_by_username($session_id, $username) {
global $app;
if(!$this->checkPerm($session_id, 'client_get_by_username')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$username = $app->db->quote($username);
$rec = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE username = '".$username."'");
if (isset($rec)) {
return $rec;
} else {
$this->server->fault('no_client_found', 'There is no user account for this user name.');
return false;
}
}
/**
* Changes client password
*
* @param int session id
* @param int client id
* @param string new password
* @return bool true if success
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*
*/
public function client_change_password($session_id, $client_id, $new_password) {
global $app;
if(!$this->checkPerm($session_id, 'client_change_password')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$client_id = intval($client_id);
$client = $app->db->queryOneRecord("SELECT client_id FROM client WHERE client_id = ".$client_id);
if($client['client_id'] > 0) {
$new_password = $app->db->quote($new_password);
$sql = "UPDATE client SET password = md5('".($new_password)."') WHERE client_id = ".$client_id;
$app->db->query($sql);
$sql = "UPDATE sys_user SET passwort = md5('".($new_password)."') WHERE client_id = ".$client_id;
$app->db->query($sql);
return true;
} else {
$this->server->fault('no_client_found', 'There is no user account for this client_id');
return false;
}
}
/**
* Fetch the mail_domain record for the provided domain.
* @param int session_id
* @param string the fully qualified domain (or subdomain)
* @return array array of arrays corresponding to the mail_domain table's records
* @author till, benlake
*/
public function mail_domain_get_by_domain($session_id, $domain) {
global $app;
if(!$this->checkPerm($session_id, 'mail_domain_get_by_domain')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$sql = "SELECT * FROM mail_domain WHERE domain = '$domain'";
$result = $app->db->queryAllRecords($sql);
return $result;
}
return false;
}
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
/**
* Get a list of functions
* @param int session id
* @return mixed array of the available functions
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function get_function_list($session_id)
{
if(!$this->checkPerm($session_id, 'get_function_list')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
return get_class_methods($this);
}
/**
* Get all databases by user
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function sites_database_get_all_by_user($session_id, $client_id)
{
global $app;
if(!$this->checkPerm($session_id, 'sites_database_get_all_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$client_id = intval($client_id);
$sql = "SELECT database_id, database_name, database_user, database_password FROM web_database WHERE sys_userid = $client_id ";
$all = $app->db->queryAllRecords($sql);
return $all;
}
/**
* Get all client templates
* @param int session id
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function client_templates_get_all($session_id) {
global $app;
if(!$this->checkPerm($session_id, 'client_templates_get_all')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$sql = "SELECT * FROM client_template";
$result = $app->db->queryAllRecords($sql);
return $result;
}
/**
* Get all DNS zone by user
*@author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function dns_zone_get_by_user($session_id, $client_id, $server_id) {
global $app;
if(!$this->checkPerm($session_id, 'dns_zone_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if (!empty($client_id) && !empty($server_id)) {
$server_id = intval($server_id);
$client_id = intval($client_id);
$sql = "SELECT id, origin FROM dns_soa d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id AND server_id = $server_id";
$result = $app->db->queryAllRecords($sql);
return $result;
}
return false;
}
sebastianm
committed
/**
* Get all dns records for a zone
* @param int session id
* @param int dns zone id
* @author Sebastian Mogilowski <sebastian@mogilowski.net> 2011
*/
public function dns_rr_get_all_by_zone($session_id, $zone_id) {
global $app;
if(!$this->checkPerm($session_id, 'dns_zone_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$sql = "SELECT * FROM dns_rr WHERE zone = ".intval($zone_id);;
$result = $app->db->queryAllRecords($sql);
return $result;
}
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
/**
* Changes DNS zone status
* @param int session id
* @param int dns soa id
* @param string status active or inactive string
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function dns_zone_set_status($session_id, $primary_id, $status) {
global $app;
if(!$this->checkPerm($session_id, 'dns_zone_set_status')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if(in_array($status, array('active', 'inactive'))) {
if ($status == 'active') {
$status = 'Y';
} else {
$status = 'N';
}
$sql = "UPDATE dns_soa SET active = '$status' WHERE id = ".intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
} else {
$this->server->fault('status_undefined', 'The status is not available');
return false;
}
}
public function mail_domain_set_status($session_id, $primary_id, $status) {
global $app;
if(!$this->checkPerm($session_id, 'mail_domain_set_status')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if(in_array($status, array('active', 'inactive'))) {
if ($status == 'active') {
$status = 'y';
} else {
$status = 'n';
}
$sql = "UPDATE mail_domain SET active = '$status' WHERE domain_id = ".intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
} else {
$this->server->fault('status_undefined', 'The status is not available');
return false;
}
}
}